package com.ms.config.shiro;

import com.ms.entity.User;
import com.ms.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import javax.annotation.Resource;

/**
 * @author zximin-code
 */
@Slf4j
public class UpmsRealm extends AuthorizingRealm {

    @Resource
    private UserService userService;


    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //写入用户权限
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        String username = (String) principalCollection.getPrimaryPrincipal();
        User user = userService.getUserByUserName(username);
        //目前没做细致的权限管理，随便写入一个
        authorizationInfo.addStringPermission("all");
        return authorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String username = (String) authenticationToken.getPrincipal();

        String password = null;
        User user = null;

        if (authenticationToken instanceof UsernamePasswordToken) {
            password = new String((char[]) authenticationToken.getCredentials());

            try {
                user = userService.login(username, password);
            } catch (Exception e) {
                log.error("{} - 用户登录异常: {}", username, e.getMessage());
                throw new AuthenticationException("用户登录异常", e);
            }

            if (user == null) {
                log.error("{}-账户或密码错误", username);
                throw new AuthenticationException("账户或密码错误");
            }
        } else {
            log.error("{}-用户登录失败-{}", username, "不支持的认证方式");
            throw new AuthenticationException("用户登录失败-不支持的认证方式");
        }

        log.info("{}-用户登录成功", user.getUsername());
        return new SimpleAuthenticationInfo(username, password, user.getNick());
    }

}
